Skip to content

Harmonize all packages to have sema4ai-actions 1.3.0 (#109) #59

Harmonize all packages to have sema4ai-actions 1.3.0 (#109)

Harmonize all packages to have sema4ai-actions 1.3.0 (#109) #59

name: Actions - Update Actions to S3 Gallery
on:
workflow_dispatch:
# Enables manual triggering via GitHub Actions
push:
branches:
- main
paths:
- 'actions/**'
jobs:
build_packages:
runs-on: ubuntu-latest
permissions:
id-token: write # required by AWS aws-actions/configure-aws-credentials
contents: read
env:
RCC_VERSION: v18.1.1
outputs:
has_packages: ${{ steps.check_artifacts.outputs.has_packages }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Check if manifest.json exists
run: |
if curl --head --silent --fail https://cdn.sema4.ai/gallery/actions/manifest.json; then
echo "manifest.json exists. Proceeding with the workflow."
else
echo "manifest.json does not exist. Stopping the workflow."
exit 1
fi
- name: Build updated packages
run: |
cd bin
curl -L -o rcc "https://cdn.sema4.ai/rcc/releases/${{ env.RCC_VERSION }}/linux64/rcc"
chmod +x rcc
./rcc run -r publisher/robot.yaml -t "Build updated packages"
- name: Save Gallery artifact
uses: actions/upload-artifact@v4
with:
name: gallery-artifact
path: bin/publisher/gallery
- name: Check artifacts
id: check_artifacts
run: |
if find bin/publisher/gallery -mindepth 1 -maxdepth 1 | read; then
echo "has_packages=true" >> $GITHUB_OUTPUT
fi
build_environments:
needs: build_packages
if: ${{ needs.build_packages.outputs.has_packages == 'true' }}
runs-on: ${{ matrix.os }}
env:
RCC_VERSION: v18.1.1
strategy:
fail-fast: false
matrix:
name:
- ubuntu
- windows
- macos
include:
- name: ubuntu
os: ubuntu-latest
rcc_folder: linux64
- name: windows
os: windows-latest
rcc_folder: windows64
- name: macos
os: macos-latest
rcc_folder: macos64
outputs:
has_environments: ${{ steps.check_artifacts.outputs.has_environments }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Download Gallery artifact
uses: actions/download-artifact@v4
with:
name: gallery-artifact
path: bin/publisher/gallery
- name: Build Environments [Linux and Mac]
if: ${{ matrix.os == 'ubuntu-latest' || matrix.os == 'macos-latest' }}
run: |
ls -lh bin/publisher/gallery
cd bin
curl -L -o rcc "https://cdn.sema4.ai/rcc/releases/${{ env.RCC_VERSION }}/${{ matrix.rcc_folder }}/rcc"
chmod +x rcc
# Please note that the script will only build environments for packages already existing in the gallery folder.
./rcc run -r publisher/robot.yaml -t "Build environments"
- name: Build Environments [Windows]
if: ${{ matrix.os == 'windows-latest' }}
run: |
Set-Location -Path bin
Invoke-WebRequest -Uri "https://cdn.sema4.ai/rcc/releases/${{ env.RCC_VERSION }}/${{ matrix.rcc_folder }}/rcc.exe" -OutFile rcc.exe
icacls .\rcc.exe /grant Everyone:F
# Please note that the script will only build environments for packages already existing in the gallery folder.
Invoke-Expression -Command ".\rcc.exe run -r publisher/robot.yaml -t `"Build environments`""
- name: Save environments artifact
uses: actions/upload-artifact@v4
with:
name: environments-artifact-${{ matrix.os }}
path: bin/publisher/environments
- name: Check artifacts
if: ${{ matrix.os == 'ubuntu-latest' }}
id: check_artifacts
run: |
# Note that it's enough to only do it once (on single OS), running it on all 3 would result
# in redundant operations.
if find bin/publisher/environments -mindepth 1 -maxdepth 1 | read; then
echo "has_environments=true" >> $GITHUB_OUTPUT
fi
publish:
runs-on: ubuntu-latest
needs: [build_packages, build_environments]
if: ${{ needs.build_packages.outputs.has_packages == 'true' || needs.build_environments.outputs.has_environments }}
permissions:
id-token: write # required by AWS aws-actions/configure-aws-credentials
contents: read
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Download Gallery artifact
uses: actions/download-artifact@v4
with:
name: gallery-artifact
path: bin/publisher/gallery
- name: Download Environments artifact
uses: actions/download-artifact@v4
with:
pattern: environments-artifact-*
path: bin/publisher/environments
merge-multiple: true
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: eu-west-1
role-to-assume: arn:aws:iam::710450854638:role/github-action-gallery
- name: Publish environments
if: ${{ needs.build_environments.outputs.has_environments == 'true' }}
run: |
S3_BASE_URL="s3://downloads.robocorp.com/holotree/sema4ai"
cd bin/publisher/environments
ls -la
# Copy the environments
# cache-control max-age=31536000, because these should be immutable
for file in *; do
aws s3 cp "$file" "$S3_BASE_URL/$file" --cache-control max-age=31536000
returnCode=$?
if [ $returnCode -ne 0 ]; then
echo "Uploading of '$file' environments failed, exiting..."
exit 1
fi
done
- name: Publish packages
if: ${{ needs.build_packages.outputs.has_packages == 'true' }}
run: |
echo "Updating Gallery S3"
S3_BASE_URL="s3://downloads.robocorp.com/gallery/actions"
cd bin/publisher/gallery
ls -la
# Copy the Action Package subdirectories. Note that since this is an update workflow,
# subdirectories will only contain packages which version's was actually bumped.
# cache-control max-age=31536000, because these should be immutable.
for dir in */; do
aws s3 cp "$dir" "$S3_BASE_URL/$dir" --recursive --cache-control max-age=31536000
returnCode=$?
# If the upload of any package fails, we want to break the workflow, as to not update the manifest,
# which should be the only source of truth.
# Even if some packages will be uploaded before other one fails, manifest won't include them,
# and therefore they won't be available in clients to download, and will be eligible to re-upload
# on the next Gallery update run.
if [ $returnCode -ne 0 ]; then
echo "Upload of '$dir' package failed, exiting..."
exit 1
fi
done
# Copy the updated manifest
aws s3 cp manifest.json $S3_BASE_URL/manifest.json --cache-control max-age=120 --content-type "text/plain"